HP 6120XG HP ProCurve Series 6120 Blade Switches Access Security Guide - Page 438
Example of the Intrusion Log with Multiple Entries for the Same Port
View all HP 6120XG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 438 highlights
Configuring and Monitoring Port Security Reading Intrusion Alerts and Resetting Alert Flags clear intrusion-flags Clear intrusion flags on all ports. port-security [e] < port-number > clear-intrusion-flag Clear the intrusion flag on one or more specific ports. In the following example, executing show interfaces brief lists the switch's port status, which indicates an intrusion alert on port A1. Intrusion Alert on port Figure 11-14.Example of an Unacknowledged Intrusion Alert in a Port Status Display If you wanted to see the details of the intrusion, you would then enter the show port-security intrusion-log command. For example: MAC Address of latest Intruder on Port A1 Dates and Times of Intrusions Earlier intrusions on port A1 that have already been cleared (that is, the Alert Flag has been reset at least twice before the most recent intrusion Figure 11-15.Example of the Intrusion Log with Multiple Entries for the Same Port The above example shows three intrusions for port A1. Since the switch can show only one uncleared intrusion per port, the older two intrusions in this example have already been cleared by earlier use of the clear intrusion-log or the port-security < port-list > clear-intrusion-flag command. (The intrusion log holds up to 20 intrusion records, and deletes intrusion records only when the log becomes full and new intrusions are subsequently added.) The "prior to" text in the record for the third intrusion means that a switch reset occurred at the indicated time and that the intrusion occurred prior to the reset. 11-35